Add ldap check in application_controller and internal api

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
author: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-03-10 17:10:23 +0200
committer: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-03-10 17:10:23 +0200
commit: b1ff8e31b1717c1abbaa3db88da77aef48b51c4e (patch)
tree: 4c269a3d0241496efed3af612d0e91133e35468c /lib/api/internal.rb
parent: 0fdab6a7478a6bc57c05485a246be318063e4e22 (diff)
download: gitlab-ce-b1ff8e31b1717c1abbaa3db88da77aef48b51c4e.tar.gz
1 files changed, 7 insertions, 1 deletions
diff --git a/lib/api/internal.rb b/lib/api/internal.rb
index ebc9fef07b4..69aad3748b3 100644
--- a/lib/api/internal.rb
+++ b/lib/api/internal.rb
@@ -35,8 +35,14 @@ module API
           user = key.user
 
           return false if user.blocked?
+
           if Gitlab.config.ldap.enabled
-            return false if user.ldap_user? && Gitlab::LDAP::User.blocked?(user.extern_uid)
+            if user.ldap_user?
+              # Check if LDAP user exists and match LDAP user_filter
+              unless Gitlab::LDAP::Access.new.allowed?(user)
+                return false
+              end
+            end
           end
 
           action = case git_cmd
author	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2014-03-10 17:10:23 +0200
committer	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2014-03-10 17:10:23 +0200
commit	b1ff8e31b1717c1abbaa3db88da77aef48b51c4e (patch)
tree	4c269a3d0241496efed3af612d0e91133e35468c /lib/api/internal.rb
parent	0fdab6a7478a6bc57c05485a246be318063e4e22 (diff)
download	gitlab-ce-b1ff8e31b1717c1abbaa3db88da77aef48b51c4e.tar.gz